/**
* Prepare a toppar for using an offset file.
*
* Locality: rdkafka main thread
* Locks: toppar_lock(rktp) must be held
*/
static void rd_kafka_offset_file_init (rd_kafka_toppar_t *rktp) {
char spath[4096];
const char *path = rktp->rktp_rkt->rkt_conf.offset_store_path;
int64_t offset = RD_KAFKA_OFFSET_INVALID;
if (rd_kafka_path_is_dir(path)) {
char tmpfile[1024];
char escfile[4096];
/* Include group.id in filename if configured. */
if (!RD_KAFKAP_STR_IS_NULL(rktp->rktp_rkt->rkt_rk->
rk_conf.group_id))
rd_snprintf(tmpfile, sizeof(tmpfile),
"%s-%"PRId32"-%.*s.offset",
rktp->rktp_rkt->rkt_topic->str,
rktp->rktp_partition,
RD_KAFKAP_STR_PR(rktp->rktp_rkt->rkt_rk->
rk_conf.group_id));
else
rd_snprintf(tmpfile, sizeof(tmpfile),
"%s-%"PRId32".offset",
rktp->rktp_rkt->rkt_topic->str,
rktp->rktp_partition);
/* Escape filename to make it safe. */
mk_esc_filename(tmpfile, escfile, sizeof(escfile));
rd_snprintf(spath, sizeof(spath), "%s%s%s",
path, path[strlen(path)-1] == '/' ? "" : "/", escfile);
path = spath;
}
rd_kafka_dbg(rktp->rktp_rkt->rkt_rk, TOPIC, "OFFSET",
"%s [%"PRId32"]: using offset file %s",
rktp->rktp_rkt->rkt_topic->str,
rktp->rktp_partition,
path);
rktp->rktp_offset_path = rd_strdup(path);
/* Set up the offset file sync interval. */
if (rktp->rktp_rkt->rkt_conf.offset_store_sync_interval_ms > 0)
rd_kafka_timer_start(&rktp->rktp_rkt->rkt_rk->rk_timers,
&rktp->rktp_offset_sync_tmr,
rktp->rktp_rkt->rkt_conf.
offset_store_sync_interval_ms * 1000ll,
rd_kafka_offset_sync_tmr_cb, rktp);
if (rd_kafka_offset_file_open(rktp) != -1) {
/* Read offset from offset file. */
offset = rd_kafka_offset_file_read(rktp);
}
if (offset != RD_KAFKA_OFFSET_INVALID) {
/* Start fetching from offset */
rktp->rktp_stored_offset = offset;
rktp->rktp_committed_offset = offset;
rd_kafka_toppar_next_offset_handle(rktp, offset);
} else {
/* Offset was not usable: perform offset reset logic */
rktp->rktp_committed_offset = RD_KAFKA_OFFSET_INVALID;
rd_kafka_offset_reset(rktp, RD_KAFKA_OFFSET_INVALID,
RD_KAFKA_RESP_ERR__FS,
"non-readable offset file");
}
}
/**
* Once per rd_kafka_t handle initialization of OpenSSL
*
* Locality: application thread
*
* NOTE: rd_kafka_wrlock() MUST be held
*/
int rd_kafka_transport_ssl_ctx_init (rd_kafka_t *rk,
char *errstr, size_t errstr_size) {
int r;
SSL_CTX *ctx;
call_once(&rd_kafka_ssl_init_once, rd_kafka_transport_ssl_init);
ctx = SSL_CTX_new(SSLv23_client_method());
if (!ctx)
goto fail;
/* Key file password callback */
SSL_CTX_set_default_passwd_cb(ctx, rd_kafka_transport_ssl_passwd_cb);
SSL_CTX_set_default_passwd_cb_userdata(ctx, rk);
/* Ciphers */
if (rk->rk_conf.ssl.cipher_suites) {
rd_kafka_dbg(rk, SECURITY, "SSL",
"Setting cipher list: %s",
rk->rk_conf.ssl.cipher_suites);
if (!SSL_CTX_set_cipher_list(ctx,
rk->rk_conf.ssl.cipher_suites)) {
rd_snprintf(errstr, errstr_size,
"No recognized ciphers");
goto fail;
}
}
if (rk->rk_conf.ssl.ca_location) {
/* CA certificate location, either file or directory. */
int is_dir = rd_kafka_path_is_dir(rk->rk_conf.ssl.ca_location);
rd_kafka_dbg(rk, SECURITY, "SSL",
"Loading CA certificate(s) from %s %s",
is_dir ? "directory":"file",
rk->rk_conf.ssl.ca_location);
r = SSL_CTX_load_verify_locations(ctx,
!is_dir ?
rk->rk_conf.ssl.
ca_location : NULL,
is_dir ?
rk->rk_conf.ssl.
ca_location : NULL);
if (r != 1)
goto fail;
}
if (rk->rk_conf.ssl.cert_location) {
rd_kafka_dbg(rk, SECURITY, "SSL",
"Loading certificate from file %s",
rk->rk_conf.ssl.cert_location);
r = SSL_CTX_use_certificate_chain_file(ctx,
rk->rk_conf.ssl.cert_location);
if (r != 1)
goto fail;
}
if (rk->rk_conf.ssl.key_location) {
rd_kafka_dbg(rk, SECURITY, "SSL",
"Loading private key file from %s",
rk->rk_conf.ssl.key_location);
r = SSL_CTX_use_PrivateKey_file(ctx,
rk->rk_conf.ssl.key_location,
SSL_FILETYPE_PEM);
if (r != 1)
goto fail;
}
SSL_CTX_set_mode(ctx, SSL_MODE_ENABLE_PARTIAL_WRITE);
rk->rk_conf.ssl.ctx = ctx;
return 0;
fail:
rd_kafka_ssl_error(rk, NULL, errstr, errstr_size);
SSL_CTX_free(ctx);
return -1;
}
